Now we have the perfect system and no one would be able to get in without having a valid user name and password, right? Wrong!
A hacker could try something like the input shown in the screenshot above. This is what was typed into the username text box:
dummy'; INSERT INTO ApplicationUser VALUES('Hacker', 'Password4Hacker'); --
After the concatenation, this is what SQL gets to execute:
SELECT Password FROM ApplicationUser WHERE UserName = 'dummy'; INSERT INTO ApplicationUser VALUES('Hacker', 'Password4Hacker'); --'
Never mind the “Login failed!” message, the hacker would have been successful in adding a new record to your table, as below.
How would a hacker guess the name of the table you use to store your users? That is a valid point, but would that be your only line of defense against the hacker? The point is that our hacker can type not only the INSERT statement I illustrated, but anything at all!
What the hacker has been doing here is injecting code into your SQL, taking advantage of the fact that you have been concatenating strings to construct it. This kind of attack is known as SQL injection.
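To make the mechanism concrete, here is an added example (not code from the original article) that builds the same query two ways against a constructed SQLite table named ApplicationUser: once by string concatenation, as above, and once with a parameterized query. The table, its sample row and the function names are assumptions for the demonstration.

```python
import sqlite3

# Constructed stand-in for the article's ApplicationUser table (assumption).
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE ApplicationUser (UserName TEXT, Password TEXT)")
    conn.execute("INSERT INTO ApplicationUser VALUES ('alice', 'secret')")
    conn.commit()
    return conn

def user_count(conn):
    return conn.execute("SELECT COUNT(*) FROM ApplicationUser").fetchone()[0]

def lookup_concat(conn, username):
    """Vulnerable: the query is built by concatenating the raw input.
    sqlite3's execute() refuses batched statements, so executescript() is
    used here to behave like a driver that runs every statement it is sent.
    Returns the SQL text that actually reached the database."""
    sql = ("SELECT Password FROM ApplicationUser WHERE UserName = '"
           + username + "'")
    conn.executescript(sql)
    return sql

def lookup_param(conn, username):
    """Hardened: the input travels as a bound parameter, never as SQL text,
    so quotes, semicolons and comment markers in it are just characters
    inside one string value. Returns the password or None."""
    row = conn.execute(
        "SELECT Password FROM ApplicationUser WHERE UserName = ?",
        (username,),
    ).fetchone()
    return row[0] if row else None

if __name__ == "__main__":
    payload = ("dummy'; INSERT INTO ApplicationUser "
               "VALUES('Hacker', 'Password4Hacker'); --")
    vulnerable = make_db()
    print(lookup_concat(vulnerable, payload))
    print("rows after concatenated query:", user_count(vulnerable))  # 2
    safe = make_db()
    print("parameterized lookup:", lookup_param(safe, payload))      # None
    print("rows after parameterized query:", user_count(safe))       # 1
```

Running it shows the concatenated version executing the injected INSERT while the parameterized version simply finds no such user and leaves the table untouched.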
Here is what I suggest you do to reduce the chances of an SQL injection attempt succeeding.
The three points above are by no means exhaustive. The methods and techniques used for SQL injection have unfortunately matured and become quite sophisticated; the technique I have shown here is elementary. The three points I mentioned above should protect you from basic attacks, but please do more research on the subject to build security into your applications.